Cyber Security Ethics

Spring 2024

Even though this is an introductory course in Computer Security, you will be exposed to knowledge and techniques that can be used for hacking, penetrating and attacking various computer systems.

We will be discussing several attacks, explorations and implementations in this class, some of them quite nasty.

While these are an integral part of a course on Computer Security, applying them in the real world can lead to violation of local and international laws and/or of institutional policies, and it may be unethical. This will have very serious consequences: do not take it lightly. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time.

The existence of a security hole is no excuse. These issues concern not only professional ethics, but also YCP policy and state and federal law. If there is any question in your mind about what conduct is allowable, contact the instructor first.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act CFAA, a federal statute that broadly criminalizes computer intrusion. This is one of several US laws that govern “hacking.” Cyber Criminals are hunted down by FBI, Secret Service ^*, DOJ and many more.

Understand what the law prohibits — you don’t want to end up like:

• Audrey Strauss was sentenced to 12 years for JP Morgan Chase data breach.
• Onur Kopçak gets 334 years, 7 months and 10 days on charges related to bank and identity fraud.
• Albert Gonzalez gets 20 years for hacking TJX Companies and Heartland Payment Systems.
• Roman Seleznev was sentenced to 27 years’ imprisonment for running Organized Cybercrime Ring.
• Max Butler Receives 13-Year Prison Sentence for identity theft.
• Sarah Palin E-mail Prankster sentenced to 1 Year in Custody.
• Samy Kamkar ^* sentenced to three years’ probation with only one computer and no use of internet, 90 days’ community service, and $15,000–$20,000 USD in restitution.
• Russian FSB Officers charged for hacking Yahoo and user emails. All of Yahoo’s 3 billion accounts were impacted.
• Hacker for hire Karim Baratov gets 5 years in prison and $2.25 million restitution fees.

Please review Ken Thomson’s Review on Trusting Trust and the college’s policy on Acceptable Use for guidelines concerning proper use of information technology.

^* make sure you are not on VPN to read those.

As a member of the College, you are required to abide by these policies.

Name:

Date:

Signature: